Audit Trail in Online Voting
Transparency and Security are the two side of the same coin called Elections. Any election should be secured to ensure there is no chances of any hacking or manipulation. At the same time election should be transparent to create trust among candidates and voters. Transparency can be increased by providing audit trail. Security and transparency are not mutually exclusive. There are ways which can increase security at the same time increase transparency.
Before we get into the details, let take a step back and understand the term – Audit Trail. The word Audit and term Audit Trail has an accounting origin and hence the definition available in dictionaries (https://dictionary.cambridge.org/) are also relating to accounting. We will have to first understand the term and then understand it with reference to voting.
Audit: to make an official examination of the accounts of a business and produce a report
Trail: a path through a countryside, mountain, or forest area, often made or used for a particular purpose. Or something which gives visibility from start to end.
Documents and records that show the history of a company’s financial activities, examined by someone who is doing an audit (checking a company’s accounts).
A record of the activity on a computer or computer system
Basically, Audit Trail means record of transactions backed by supporting evidence.
In online voting, Audit trail can be defined as record of the voting transactions recorded by the system backed by supporting evidence. The audit generally aims to checks the evidence of – when, where, by whom and what.
Audit Trail in Right2Vote’s eVoting system
Right2Vote’s online voting platform provides detailed audit trail. The platform provides evidence of when, where, by whom and what using the following data:
- By whom – Voter selfie and record of authentication including OTP based authentication, biometric authentication.
- When – Time stamp
- From where – IP address and geo location
- What – Voter receipt, vote record, result
There are few standard features for audit trail in regular voting and there are certain premium features available for polls which are very critical, high value or sensitive.
Audit Trail: Audit trail feature of Right2Vote provides the election officer with following details:
- Log in ID of the voter
- Name of the voter
- Time of voting of the voter (Time Stamp)
- IP address of the voter
This is a standard feature in Right2Vote, and this feature is available for all polls. There is no extra charge for this feature.
This feature gives evidence of who, when and where for each vote cast.
In server confirmation feature, the individual voter vote choice data travels to the central server and the server display the data received by the server on the screen of the voter for his confirmation. The objective of this feature is to defeat any man in the middle attack and to ensure that the voter by mistake does not cast a wrong vote. This is also a standard feature in Right2Vote, and there is no extra charge applicable for the same.
When the election officer opts for voter receipt feature, a receipt is sent to all voter via email / SMS with the details of their individual vote choice. The voter receipt gives an assurance to the voter that the vote is correctly recorded in the system, and it eliminates the allegations like ‘hum button kuch bhi dabte hai, vote kamal to jata hai’.
Certain organizations are wary about candidates pressuring voters to show their voter receipt to them. That would be against the spirit of Secret Ballot. In such situation the election officer can opt for ‘Voter Receipt – Only Confirmation’. With this feature, the voter gets an email / SMS with only time stamp and IP address. Individual voter vote preference is not sent to maintain confidentiality.
Together with server confirmation, voter receipt feature is similar to VVPAT (Voter Verified Paper Audit Trail) used in Indian government elections. Server confirmation allows voter to confirm his vote choice on screen and voter receipt provides the voter with a digital receipt.
Right2Vote also provides Vote Record feature where a voter can any time log into the system and check the record of his own vote. This feature is not available for Secret Ballot poll as in such poll linkage of vote to voter is not stored in the system.
Voter Selfie: With voter selfie feature, the voter’s image is captured before voting. The election officer is provided with picture of all the voters as evidence on real time basis and in PDF form for download at the end of the election. The PDF document is an audit trail evidence to prove who all voted.
Geo tagging: For each voter longitude and latitude data is captured at the time of voting using google maps. This data is more reliable than IP address as IP address can give incorrect location data in case of Virtual Private Network (VPN). Many organizations use the geo tagging feature to check whether voters are getting together in groups and voting. This feature is also used to know the geographical distribution of voting.
Other security features like OTP based authentication, two factor authentication, Aadhaar based OTP authentication, Aadhaar based biometric authentication, Face Recognition etc are not only security features but they also add transparency to voting as they provide evidence of ‘who’ voted.
Audit Trail in Secret Ballot poll
In case of SECRET BALLOT voting, the individual voter’s vote preference is secret and even the auditor does not have access to this information. The system keeps a record of who voted, when did he vote, from where but it does not keep record of what he voted. The system also keeps record of which candidate got how many votes; However, the system is supposed to not keep any record or evidence which can help somebody link the vote to an individual voter.
This is done to ensure that a voter can vote with his free will, and he does not vote under any pressure or influence. To read more about Secret Ballot, read How secret is the secret ballot voting?.
In a Secret Ballot voting the auditor can satisfy himself of ‘who, when and where’ questions using the audit trail data above. For the ‘what’ question the evidence that individual voter confirmed during the server confirmation process and the voter did not raise objection when he received the voter receipt is enough evidence that individual voter’s vote data has been captured properly. The auditor need not know individual voter’s vote preference to confirm that vote data has been recorded properly.
With advancement of IT systems auditing has also evolved from vouching to process audit. With process audit, auditor does not try to check every transaction and match it with evidence but tests flow of the system to ensure there is no bugs or errors. The auditor does dummy transactions in the system and checks that the processing of the data is as planned.
In case of secret ballot poll, another good way for auditor to satisfy himself about the ‘what’ question is to do process audit. Auditor can test the system by creating a new poll in the system and vote on the poll. If the system is correctly authenticating the voter, capturing the vote, issuing voter receipt, calculating result then it is good evidence for audit confirmation.
Right2Vote has got the eVoting platform tested and certified by Standardization, Testing and Quality, Certification (STQC) Directorate under Ministry of Electronics and Information Technology (MeitY), Government of India. STQC provides the certification after extensive process testing. STQC is the highest certification agency for eVoting platforms in India and is owned by Government of India. To know more about STQC certificate please click here.
Online voting systems and specially Right2Vote’s online voting platform provides extensive audit trail to increase transparency of voting process. Depending on criticality, value and sensitiveness of the election, the client can choose the various transparency and security features. Right2Vote strongly recommends Audit Trail, Voter Receipt and Voter Selfie feature.
Offline voting systems like booth-based voting with paper ballot cannot match online voting system when it comes to audit trail. In booth-based voting most of the voter authentication process and record keeping process is manual. Manual authentication and records keeping are generally prone to errors, frauds, manipulation and not very exhaustive. Booth based voting can improve audit trail by employing CCTV cameras with face recognition and biometric authentication of voters via Aadhaar.